A year ago, AHRQ found rampant confusion and mistakes among covered entities trying to comply…
The GAO just issued another assessment of HHS's and ONCHIT's progress in identifying and addressing key HIPAA and other health IT related privacy issues, and developing an overall approach to HIT privacy. The federales — not known for nimbleness — have made significant progress, but have not yet fully addressed all of the issues on this front tagged by GAO in its Febuary 2007 HIT report. In GAO-speak:
This assessment may, in fact, be too kind. The federales' June 2008 HIT strategic plan, though full of privacy and security objectives, strategies and compliance, has been critiqued by some observers as being somewhat out of touch with reality. There's a lot further to go.
In related privacy news, HHS released some HIPAA FAQs this week — two information sheets, one directed at consumers and one at providers. No new information there, but perhaps they will be useful in eliminating basic HIPAA confusion in some quarters. HIPAA should no longer the universal excuse for being unable to provide information to or about a patient, or to agree to a particular provision while negotiating a deal (though it's still proffered as an excuse sometimes, as is Stark and Sarbanes-Oxley, usually more because a party to a negotiation just doesn't want to agree to a particular contract term and is seeking to hang their hat on some external factor).
Moving from HIPAA privacy to HIPAA security: Another recent development is the release of a new health informatics information security management standard by the ISO. Quoth the press release:
It remains for someone better-versed in the technical end of things than I am to assess whether ISO compliance and HIPAA compliance could dovetail neatly in a manner that may yield more reliable protections for health information security, or whether this ISO standard will be a wrench thrown in the works of evolving HIPAA security rule compliance.
David Harlow
The Harlow Group LLC
Health Care Law and Consulting
Healthcare NOW Radio Podcast Network · Harlow on Healthcare
In this episode I speak with Ryne Natzke, Chief Revenue Officer of TrustCommerce, a Sphere…
Natalie Davis, CEO of United States of Care, returned to Harlow on Healthcare to discuss…
If the EHR is the system of record, then Lumeon is the system of action.…
Blockchain in healthcare? Well, it can solve some problems. Have a listen to my conversation…
Joel Diamond, Chief Medical Officer at 2bPrecise, speaks with me about bringing genetic testing information…